CVE-2026-2859 in CheckmkИнформация

Сводка

по MITRE • 13.03.2026

Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 (EOL) allows unauthenticated users to enumerate existing hosts by observing different HTTP response codes in deploy_agent endpoint, which could lead to information disclosure.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

Checkmk

Резервировать

20.02.2026

Раскрытие

13.03.2026

Модерация

принято

Вход

VDB-350831

CPE

готов

CWE

CWE-204 (Подтверждённый)

CVSS

4.3 (NVD)

EPSS

0.00054

KEV

Нет

Деятельности

Очень низкий

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-2859
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-2859
CVE Details	https://www.cvedetails.com/cve/CVE-2026-2859/

◂ Предыдущий Обзор Далее ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!